add flag for enabling RBAC on local-up-cluster #34619
Merged
+5
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-github-robot
added
size/XS
spxtr
reviewed
Oct 12, 2016
| @@ -285,6 +285,10 @@ function start_apiserver { | |||
| if [[ -n "${ALLOW_ANY_TOKEN:-}" ]]; then | |||
| anytoken_arg="--insecure-allow-any-token " | |||
| fi | |||
| authorizer_arg="" | |||
| if [[ -n "${ENABLE_RBAC:-}" ]]; then | |||
There was a problem hiding this comment.
I would have expected that if ENABLE_RBAC is "false" then we wouldn't use this.
There was a problem hiding this comment.
I would have expected that if ENABLE_RBAC is "false" then we wouldn't use this.
The other condition checks in the same method don't make the distinction. Do you feel strongly?
deads2k
changed the title
deads2k
added
release-note-none
|
@pweil- this works, I've removed |
|
LGTM |
deads2k
added
the
lgtm
|
Automatic merge from submit-queue |
xilabao
added a commit
to xilabao/kubernetes
that referenced
this pull request
Nov 2, 2016
xilabao
added a commit
to xilabao/community
that referenced
this pull request
Dec 22, 2016
xilabao
added a commit
to xilabao/community
that referenced
this pull request
Dec 22, 2016
xilabao
added a commit
to xilabao/community
that referenced
this pull request
Dec 22, 2016
xilabao
added a commit
to xilabao/community
that referenced
this pull request
Dec 26, 2016
ruebenramirez
pushed a commit
to ruebenramirez/community
that referenced
this pull request
Apr 22, 2017
calebamiles
pushed a commit
to kubernetes/sig-release
that referenced
this pull request
Jul 25, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enables cases like
ALLOW_ANY_TOKEN=true ENABLE_RBAC=true hack/local-up-cluster.shto startup an api server so you can test RBAC against it.@pweil- You can try this using
oc login localhost:6443 --token=username/group1,group2,system:masters. Then you should have full rights. You can useoc login --token=usernameorkubectl create -f - --token=otheruser/othergroupto simulate other users.This change is